7.8
CVE-2023-53072 - mptcp: use the workqueue to destroy unaccepted sockets
In the Linux kernel, the following vulnerability has been resolved: mptcp: use the workqueue to destroy unaccepted sockets Christoph reported a UaF at token lookup time after having refactored the passive socket initialization part: BUG: KASAN: use-after-free in __token_bucket_busy+0x253/0x260β¦
5.5
CVE-2023-53104 - kernel: net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
7.8
CVE-2023-53142 - ice: copy last block omitted in ice_get_module_eeprom()
In the Linux kernel, the following vulnerability has been resolved: ice: copy last block omitted in ice_get_module_eeprom() ice_get_module_eeprom() is broken since commit e9c9692c8a81 ("ice: Reimplement module reads used by ethtool") In this refactor, ice_get_module_eeprom() reads the eeprom in bβ¦
5.5
CVE-2023-53124 - scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()
In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() Port is allocated by sas_port_alloc_num() and rphy is allocated by either sas_end_device_alloc() or sas_expander_alloc(), all of which may return NULL. So we β¦
5.5
CVE-2023-53102 - ice: xsk: disable txq irq before flushing hw
In the Linux kernel, the following vulnerability has been resolved: ice: xsk: disable txq irq before flushing hw ice_qp_dis() intends to stop a given queue pair that is a target of xsk pool attach/detach. One of the steps is to disable interrupts on these queues. It currently is broken in a way tβ¦
5.5
CVE-2023-53099 - firmware: xilinx: don't make a sleepable memory allocation from an atomic context
In the Linux kernel, the following vulnerability has been resolved: firmware: xilinx: don't make a sleepable memory allocation from an atomic context The following issue was discovered using lockdep: [ 6.691371] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:209β¦
7.8
CVE-2023-53084 - drm/shmem-helper: Remove another errant put in error path
In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Remove another errant put in error path drm_gem_shmem_mmap() doesn't own reference in error code path, resulting in the dma-buf shmem GEM object getting prematurely freed leading to a later use-after-free.
5.5
CVE-2023-53126 - scsi: mpi3mr: Fix sas_hba.phy memory leak in mpi3mr_remove()
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix sas_hba.phy memory leak in mpi3mr_remove() Free mrioc->sas_hba.phy at .remove.
5.5
CVE-2023-53086 - wifi: mt76: connac: do not check WED status for non-mmio devices
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: connac: do not check WED status for non-mmio devices WED is supported just for mmio devices, so do not check it for usb or sdio devices. This patch fixes the crash reported below: [ 21.946627] wlp0s3u1i3: authenticβ¦
5.5
CVE-2023-53074 - drm/amdgpu: fix ttm_bo calltrace warning in psp_hw_fini
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix ttm_bo calltrace warning in psp_hw_fini The call trace occurs when the amdgpu is removed after the mode1 reset. During mode1 reset, from suspend to resume, there is no need to reinitialize the ta firmware buffer wβ¦